Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Privacy Your Rights Online

VOIP Tappings Under Scrutiny 107

dynooomite writes " is reporting that Privacy groups have asked an appellate court to overturn an FCC rule that allows for phone-taps on VOIP calls. The privacy groups made their case saying taps would seriously hinder innovation on the web."
This discussion has been archived. No new comments can be posted.

VOIP Tappings Under Scrutiny

Comments Filter:
  • Encryption? (Score:5, Interesting)

    by GreyWolf3000 ( 468618 ) on Thursday October 27, 2005 @04:36PM (#13892037) Journal
    If I choose to encrypt my VOIP traffic using some sort of TLS, would such a ruling allow the FCC to force me to give them my encryption key?
    • Re:Encryption? (Score:4, Insightful)

      by Anonymous Cowpat ( 788193 ) on Thursday October 27, 2005 @04:40PM (#13892087) Journal
      it already does it Britain (not to the FCC, obviously)
    • Re:Encryption? (Score:3, Insightful)

      by MaceyHW ( 832021 )
      The rule applies to VoIP providers such as Vonage that use a central telephone company to complete Internet calls. It also applies to cable and phone companies that provide broadband services. The companies must comply by May 2007.

      Apparently not. I think the really interesting issue there is would be third party companies that were to provide certificate services for ad hoc encryption be subject to the requirement
    • by 2names ( 531755 ) on Thursday October 27, 2005 @04:47PM (#13892171)
      if you encrypt your traffic and the FCC or some other Govt agency attempts/succeeds in breaking your encryption, could it ("they") be found guilty under the DMCA?
      • Very unlikely. Often times the ones who enforce the rules don't abide by them. Especially in this day and age when anyone can be considered a "national security risk". That's the only excuse they'd have to barf up to weasle out of any litigation.
        • I agree with your sentiment that in the current administration, this is a very dangerous development, I'd say a land grab, really.

          However, here at /. and elsewhere, we're always bitching about new laws being drafted to cover stuff which happens on the 'net, when there are perfectly sane and established ones which would cover the case. And here's just a situation like that, only the other way 'round. Wire-tapping is (if there is oversight to prevent abuse, checks and balances etc) something which law-enforce
      • by Sloppy ( 14984 ) on Thursday October 27, 2005 @05:12PM (#13892399) Homepage Journal
        DMCA contains an exemption for Law Enforcement. []
      • if you encrypt your traffic and the FCC or some other Govt agency attempts/succeeds in breaking your encryption, could it ("they") be found guilty under the DMCA?

        Yes, but you would only be allowed to take posession of all the Brittiny Spears mp3s that they have on their hard drives.
      • if you encrypt your traffic and the FCC or some other Govt agency attempts/succeeds in breaking your encryption, could it ("they") be found guilty under the DMCA?
        Uh huh. Right after a cop gives you a speeding ticket, and you issue him one for catching up to pull you over. Good luck with that.
    • Well, if we copy the UK law, then the way it will work is that you'll be forced to hand over your key, but you will also be prohibited from informing yourself that you did so. So if men in black ever show up and demand your key, be sure you don't suddenly change your behavior, or else they'll accuse you of tipping yourself off, and then you'll be held in contempt of court.
    • Re:Encryption? (Score:3, Informative)

      If you use a private codec, you aren't going to be interconnecting with the PSTN. If you aren't interconnecting with the PSTN, you aren't covered by the wire tap rule.

      They don't care if you and your friend Jeff write your own codec and use that.
  • If the taps are on VOIP, what concern is it of the web? Slippery slopes don't count. Or is it possible to tap only VOIP, leaving other traffic alone?
    • Re:Taps on VOIP? (Score:3, Insightful)

      by bypedd ( 922626 )
      "The whole process of innovation on the Internet would be seriously damaged..."

      That does seem a little overemphasized. I think the taps on VoIP does raise (again) the concern of what is the FCC's business. If I should at my neighbor over my fence, do I have to do it in such a way that is compliant with FCC's regulations? What if we decide to use tin cans connected with a string? When does it fall inside the FCC's four flags?

      Furthermore, May 2007 isn't very far away for system-wide changes. So then it com

    • Re:Taps on VOIP? (Score:4, Insightful)

      by ucahg ( 898110 ) on Thursday October 27, 2005 @05:44PM (#13892657)
      VoIP is the web, in a way. It's just a different protocol. If you read the SIP standards, they are very much like instant messaging standards, so can the FCC tap instant messages too? And it's not that different from normal HTTP either, ultimately, so can they tap that? At what point is it under their juridiction? If you are continuously sending packets of voice? What about sending an entire recording at once? How is it different?

      These are the questions that I believe were behind the point that it will ruin innovation.
  • From TFA:

    To meet the rule's requirements, Internet call providers would have to rewire networks at great cost, Morris said. In addition, there is fear the rule would stifle development of new technologies by placing more regulatory burdens on innovators.

    Can someone explain to me (a) why they would have to rewire these networks and (b) how this would stifle the development of new technology? I must be dense...
    • Re:Huh? (Score:2, Interesting)

      Can someone explain to me (a) why they would have to rewire these networks and (b) how this would stifle the development of new technology? I must be dense...

      Well, I'm just guessing, perhaps they don't mean to physically re-wire the networks but completely change the data flow.

      For example, it's highly probable that for privacy concerns they specifically set everything up so nobody in the home office can listen in on any calls. It makes sense, as in case of a security audit they can say "we don't have

      • They'd need access to everyone's keys.

        Or just the public key of law enforcement agency x and provisions so that any endpoint being tapped can flip a switch (invisible to the end user) and start transmitting all data to the wiretap server.

      • Why not just tap into the phone/dsl/cable line near the house that is under survailence?
        • True, but they don't do that too often anymore unless there's no other choice. There's too much chance for it to be found or heard (clicks).

          Also, it's a lot of work for a non-priority case. Sure a mob case or terror case is one thing, but all the others?

          Most of their taps now-a-days are just getting the telcos to allow them to tap their conversations remotely. They want to maintain it for VoIP.
    • Re:Huh? (Score:5, Informative)

      by temojen ( 678985 ) on Thursday October 27, 2005 @04:54PM (#13892229) Journal
      RTP and H.323 communications that do not have a PSTN endpoint are routed point to point. Wiretapping would require them to be routed through or multicasted to a central wiretap server (at least the ones that are being tapped).
      • Thanks, temojen.

        That clears up my first question, but what about that innovation stifling bit?
        Sensationalism on the part of Privacy Pundits and Mass Media?
        • I believe the concern is they have to "upgrade" to specific software or equipment. Not sure if they have an FCC approved wiretap patch for Asterisk...
  • by AKAImBatman ( 238306 ) * <{akaimbatman} {at} {}> on Thursday October 27, 2005 @04:37PM (#13892055) Homepage Journal
    The privacy groups made their case saying taps would seriously hinder innovation on the web.

    Can we STOP using that word? This is getting worse than "Synergy"! If you have a point, try to quantify it in a reasonable manner. For example, "Tapping VOIP would drive up costs, thus resulting in slower adoption in an otherwise emerging market."

    "Innovation" is nothing more than a weasel word that get bandied about everytime someone wants to argue against something, but has no argument prepared.

    So, for the sake of the Children, everything Holy, and the nerves of all of us in the tech industry, please STOP USING THAT WORD as a defense. Thank you, have a nice day.
    • Re:Weasel words, Ho! (Score:3, Interesting)

      by fshalor ( 133678 )
      Ohoh... we're (a campus) actually looking at rolling out an inhouse VOIP solution to save us money over the pots system.

      The new policy is " for every network drop, put in a phone line" (so cat-5 and cat-3 ran to every wall box) and "for every phone line ran, run a network drop". (same) And this is now (increased) to , two cat-5's and one cat-3 per box.

      The thing is, we have so much internal bandwidth that there's no sense paying for the phones they way we are. I mean, for the price of three phone lines per m
    • Your not wanting me to use the word "innovation" is stifling my innovative use of the word innovation!
    • OK, so we have innovation [] , indeed [], intuitive [], copy protection [], boxen [], turbo [], cyber [], and FLOSS [],

      Got any other words, phrases, or acronyms we should stop using?
      • Indeed. Turbo-boxen protected by intuitive use of TCPA copy protetion would make for an innovative new FLOSS cyber-platform. Just think of the synergy that could be harnessed through such strategic mergers of technology! :-P

        Seriously, it's all about context. My humorous post was intended to point out the outright abuse of the term "innovation". It's fine when someone uses it as, "innovations like the new O(1) search method are changing the face of database technology." It's not okay when every yahoo (especi
        • Sorry, it's just that "stop using the word..." is looking like it could become the next troll meme.

          "First you tell me *what* innovation you're speaking of, and then we'll find a way not to stifle it."

          If I knew what my innovations would be in advance, they wouldn't be innovative.

          Will my high-latency VOIP by tamper-evident avian carriers have to be trained to fly to a special government office for inspection before they are allowed to reach their intended destination?
    • I agree, and may we add two additional weasel words, "rampant" and "piracy" to the list?

  • Read it again (Score:1, Redundant)

    by dr_dank ( 472072 )
    For the very first time [].
  • Yes, everyone saying people in the EU are less free then those in the USA might please post here, after RTFA. After Posting your humble opinion, you may want to reconsider searching for more information about the wiretapping in Europe.

    Thank you. I would be pleased to see some people to stop spamming /. with this topic over and over again with this stupid topic.
  • by Work Account ( 900793 ) on Thursday October 27, 2005 @04:42PM (#13892106) Journal
    To "sit on a wire" anywhere you should need a probable cause and a warrant.

    Anyone without this is simply hacking, which is illegal.
    • by DrJimbo ( 594231 ) on Thursday October 27, 2005 @05:00PM (#13892291)
      To "sit on a wire" anywhere you should need a probable cause and a warrant.
      If by should, you mean in a ideal world, or at least in a world more ideal than ours, then I fully agree with you that such things should be needed. Unfortunately they are not, unless the Patriot Act was recently repealed and no one told me.

      • Still need a warrant from a federal judge, albeit in some cases a secret one. If you don't have one, you can go for the immediacy excuse, but then you have to explain later or get slapped. Federal Judges aren't monkeys, you know.
        • A Google("patriot act" wiretap warrant) led to this page [], which says:

          The Foreign Intelligence Surveillance Act (FISA) regulates the FBI's collection of "foreign intelligence" information for intelligence purposes. Under the Fourth Amendment, a Title III warrant to intercept a communication must be based on probable cause to believe that a crime has been or is being committed. This is not the general rule under FISA: surveillance under FISA is permitted based on a finding of probable cause that the surve

          • Successful bank robbers are successful in part because they are careful to do their planning and preparation in ways that don't support the belief that criminal activity is occuring. That is, they game the system to ensure that the people charged with stopping them have no legal justification for doing so.

            One question worth asking here is, is it beneficial to our society to give up earlier and more effective prevention of bank robberies in exchange for greater privacy and freedom for law-abiding citizens?

            • I couldn't disagree with you more.

              First, I can't believe that you really believe your facile, Hollywood fairy tale of the crafty bank robber. We have bank robbers in the region where I live. They are usually poor and desperate. The successful ones use a gun and a mask and a getaway vehicle. They aren't gaming any system.

              Second, I know for sure that the people who championed the Patriot Act are the same people who now want to subvert the overwhelming will of the American people and legalize torture []

              • You're assuming that the liberties being given up are "essential" in the sense that Franklin used the term.

                Do you have anything better than CNN to offer, in support of this assumption? It's obvious that Franklin didn't consider all liberties to be essential, since the government he endorsed certainly curtailed quite a few.
    • To "sit on a wire" anywhere you should need a probable cause and a warrant.

      Does that mean the birds sitting on the wire outside my window are actually "Police Birds" and are merely carrying out surveillance of my telephone usage? Should I ask them for their warrant?

      As it is cold, should I use the phone more to send more current down the wires to warm their little feet up?

      I think we should be told these secrets.....

  • How do you file a lawsuit on the grounds that it will "seriously hinder innovation on the web"? It is not illegal to have a stupid rule. Maybe someone with more legal knowledge can clarify this for me.
    • No, stupid rules aren't illegal, but stuipd rules that will cause harm can be blocked. I didn't RTFA, but you can get an injunction that either prevents the stupid rule from being enforced or invalidates the rule altogether.
      • Didn't the FCC just recently win the Brand-X case in the Supreme Court arguing that broadband was an information service and not a telecommunications service, therefore broadband providers were not considered common carriers and under no obligation to "open up" their lines to competitors?

        Doesn't it seem at least on the surface, if not directly, contradictory for this agency to have any discussion regarding wiretapping as far as VOIP goes? Doesn't wiretapping only happen on communication services? Doesn't th
    • by MaceyHW ( 832021 ) <> on Thursday October 27, 2005 @04:55PM (#13892252)
      IANAL, but judging by the similar pattern of events with the "broadcast flag" it has to do with the fact that this is a regulation created by the FCC, not a law passed by Congress. FCC decisions can be challenged in court because the FCC has a specific, limited mandate and you can argue that it has exceeded it's authority.

      Also, the "seriously hinder innovation" line is most likely a rhetorical tool more than the actual central legal argument of the case
  • I know my voip is wire tapped. I think CmdrTaco has a loopback on his dupe machine.
  • Innovation? (Score:5, Insightful)

    by P3NIS_CLEAVER ( 860022 ) on Thursday October 27, 2005 @04:45PM (#13892138) Journal
    What does innovation have to do with it? Aren't our constitutional rights more important than if companies can make money off something?
  • It's not possible (Score:5, Interesting)

    by MoogMan ( 442253 ) on Thursday October 27, 2005 @04:47PM (#13892166)
    Well, if they had any fucking sense, they'd realise it wasn't possible. You can still (In the SIP/SDP case) send an arbitrary codec description over a call. The actual call is point-to-point.

    Even taking into consideration the possibility of codec recognition and denying calls based on a restricted set of codecs, you could just place a "signature signal" at the start of the call - something relatively inaudible to the human ear - that triggers encryption etc. Maybe in the same way as Amateur Radioers have a blip at the start/end of speech.
    • If it's law, it'll be made possible. It'll be engineered that way by the law abiding and in this case, anyone that wants to make money from VoIP falls into the "law abiding" category. I'm talking about service providers, equipment manufacturers, and software vendors. Given the choice of breaking the law and protecting what should be your right to privacy, you'll lose.

      I think what you're referring to are those that don't care about making money. Call them the "VoIP underground." But its worse than that.
    • "Maybe in the same way as Amateur Radioers have a blip at the start/end of speech."

      What blip would that be? Amateur Radio rules forbid encryption. Some Amateur radio repeater systems insert "beeps" to signal the end of transmissions, but generally serve no real purpose other than entertaining the system users. I've only been an active ham radio opperator for about 28 years, so as a newbie, I may simply have never have heard of these blips. Maybe you were thinking of that other service, Childrens Band, they
    • CALEA requires that the tap be undetectable, and able to set up effectively by flipping a virtual switch. Since RTP in VoIP can be point-to-point (i.e. untappable), and since tapping by routing a call through a proxy that could record the packets would be detectable (given a network sniffer), VoIP providers would have to route ALL calls through proxies just in case they might have to tap them. Realize they already had the power to ask for a subpoena for a tap, but that VoIP providers didn't have to engine
  • s/allow/require/ (Score:5, Interesting)

    by frankie ( 91710 ) on Thursday October 27, 2005 @04:50PM (#13892193) Journal
    Aside from being a dupe, this submission is worded horribly. The FCC ruling does not allow VOIP-tapping; that's already allowed under standard warrant laws. The ruling is that VOIP providers should be required to make it just as easy to tap a VOIP call as it is to tap a land or cell call, by hooking into the phone company trunk. Given the wandering nature of internet packets, it would be intrusive, expensive, and possibly infeasible to add to an existing system.
  • I really fail to see the big deal. They wiretap analog phone lines now. This is just tapping digital lines. Whoopdie do, now they have to be able to send a call's packets to a second place to be listened to. They have control over their routing and should already be able to tell which customer data is coming from. Implimenting something that can sort and redirect seems pretty small. Isn't this part of what carnivore did anyway with all other data from a user?
    • Think of it like banning any car that can go faster than 75 mph, because police cars have a maximum speed of 85 mph. They want to cripple and dictate the designs of data networks in order to make the life of a wiretapper easier. Since it was relatively easy to tap analog phone lines, they think they are entitled to similar ease-of-use in tapping digital voice and data networks.
  • I'm wondering if this could affect other ways that voice communications get transmitted over the internet. Could they force tapping of voice transmissions over IM? How about conversations on Xbox Live? There are many ways other than Skype, Vonage, etc. to communicate with voice over the internet, would this affect all of them?

    And yeah, I could go find the original posting to see if someone already answered this, but I'm here now, so...
  • Easy workaround (Score:4, Interesting)

    by dtfinch ( 661405 ) * on Thursday October 27, 2005 @05:11PM (#13892387) Journal
    Use open source secure VOIP software, preferably developed outside the US. If it doesn't go through a service provider, and it's encrypted, they won't succeed in tapping it without first hacking one of the endpoints, no matter what outrageous laws the FCC takes upon itself to pass.
  • Articles like this show that the people making laws do not understand what their talking about. It's very easy to encrypt your data (including voice conversations). If the US decides that all VOIP should be tapable/unencrypted, the bad guys can use a service based in a foreign country that doesn't force phone taps. They can then communicate. Or better yet, they can develop their own software to encrypt phone calls and would anyone notice? No way, it would just sounds like static or something. Sorry guys, but there's no way to block people from encrypting stuff and keeping their keys locked safely in their own possession. Unless of course, you make encryption illegal, which would be difficult to do, because the privacy hounds would never let something like that happen.
    • Unless of course, you make encryption illegal, which would be difficult to do, because the privacy hounds would never let something like that happen.

      You'd think so, eh?

      Unfortunately in the UK the police already have powers to demand that you hand over your keys/passwords to any encrypted data. Under the Regulation of Investigatory Powers bill [] the UK government can demand that you to hand over your encryption keys to the police.

      Laws like these are getting slipped through very easily, with little counter from
  • because they'd only hear every 10th word out of my mouth. Comcast Cable can't seem to guarantee me enough upload bandwidth to... decent... VoIP... bullsh... back to... analog!
  • I believe it was US Secretary of State Henry Stimson who said "Gentlemen don't read each other's mail."
  • Yesterday we had a story about VoIP wiretapping that makes this one feel like a dupe. One of the comments [] on that story jokingly asked why VoIP users shouldn't have to deal with the same government abuses PSTN telephone users do. It was actually a valid question. They should be dealt with any differently?

    Now remember that P2P networks have been fighting hard to gain any legitamacy becuase they are used so much for pirating music and movies. The RIAA/MPAA has been trying to get P2P networks themselves deemed
    • "Has it occured to anyone the bellco's can play just as stupid a card if VoIP is not tappable. They'll say VoIP is a haven for drug dealers and those plotting against America to communicate and will try to get all VoIP banned the same way recording industry stooges try to P2P banned."

      They won't have to bother with any type of scare or FUD campaign.

      The way things are going, with the push on for laws and regulation that increase dramatically the expense of VOIP while at the same time decreasing the advantages
  • Under the New Zealand Telecommunications Act, all telcos in NZ are required to have "interception capability" for all communications going through their networks, so as to assist law enforcement agencies who present a valid warrant. Other countries have similar laws. Does the US have any similar laws on its books? And for a product like VoIP, which is very easy to use internationally, will there be governments in other countries demanding VoIP providers provision similar capabilities within their product
  • In an npr story about this, it was mentioned that the FBI - the actual source of this FCC rule - really wants to be able to do this wiretapping remotely. So rather than needing to physically go to a site and install equipment and or software, collect data, then come back for it later, the FBI tech can just go [click][click] in his remote wiretapping console and now they're wiretapping. And if its not remote, you basically need to have your IT guy available 24/7 with keys to your building. That's one thing f

Vitamin C deficiency is apauling.